Wireshark-commits: [Wireshark-commits] master bf14d8f: dtls: avoid possible NULL deref
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Wed, 1 Feb 2017 13:41:00 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf14d8faf8d6de5e841fe8f5ab5210b1b7a426a4
Submitter: Alexis La Goutte (alexis.lagoutte@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

bf14d8f by Peter Wu (peter@xxxxxxxxxxxxx):

    dtls: avoid possible NULL deref
    
    "decoder->flow" could result in a NULL pointer dereference if a null
    cipher was in use (caught by Clang static analyzer).
    
    Answering the questions:
    - DTLS records fragments do not need to be reassembled, thus there is no
      flow. The Handshake messages have their own fragment_offset field and
      thus there is no need to maintain an extra flow.
    - Actually one datagram can contain multiple records (RFC 6347, 4.1.1),
      but this is not implemented yet. The key can however not be "0"
      though, it must match the offsets from ssl_get_record_info.
    
    Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
    Change-Id: Iac367a68a2936559cd5d557f877c5598114cadca
    Reviewed-on: https://code.wireshark.org/review/19892
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    

Actions performed:

    from  5dde07c   GSM A / NAS-EPS: detect missing mandatory information elements
    adds  bf14d8f   dtls: avoid possible NULL deref


Summary of changes:
 epan/dissectors/packet-dtls.c |   12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)